/*
* Licensed under the MIT License
* 
* Copyright (c) 2010 Kay Kreuning
* 
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
* 
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
* 
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
* 
* http://code.google.com/p/as3hyvesapi
*/
package nl.hyves.api.authorization
{
	import flash.events.Event;
	import flash.external.ExternalInterface;
	import flash.net.URLLoader;
	import flash.net.URLRequest;
	
	import nl.hyves.api.methods.PublicMethods;
	import nl.hyves.api.oauth.IAuthorizer;
	import nl.hyves.api.oauth.IOAuth;
	import nl.hyves.api.oauth.OAuthToken;
	
	public class PopupAuthorization implements IAuthorizer
	{
		public static const EXPIRATIONTYPE_DEFAULT:String = "default";
		public static const EXPIRATIONTYPE_INFINITE:String = "infinite";
		public static const EXPIRATIONTYPE_USER:String = "user";
		
		private const AUTHORIZE_ENDPOINT:String = "http://www.hyves.nl/api/authorize/";
		
		private var callback:String;
		private var methods:Array;
		private var expirationType:String;
		private var oauth:IOAuth;
		
		public function PopupAuthorization(callback:String, methods:Array, expirationType:String = "default")
		{
			this.callback = callback;
			this.methods = methods;
			this.expirationType = expirationType;
		}
		
		public function authorize(oauth:IOAuth):void
		{
			this.oauth = oauth;
			
			var request:URLRequest = oauth.getURLRequest({
				ha_method: PublicMethods.auth_requesttoken,
				methods: methods,
				expirationtype: expirationType
			});
			
			var loader:URLLoader = new URLLoader(request);
			loader.addEventListener(Event.COMPLETE, onRequestComplete);
		}
		
		private function onRequestComplete(event:Event):void
		{
			var response:XML = new XML(event.target.data);
			
			var token:OAuthToken = new OAuthToken(
				response.oauth_token.toString(),
				response.oauth_token_secret.toString()
			);
			
			oauth.updateCredentials(token);
			
			var url:String = AUTHORIZE_ENDPOINT +
				"?oauth_token=" + encodeURIComponent(token.token) +
				"&oauth_callback=" + encodeURIComponent(callback);
			
			if (ExternalInterface.available)
			{
				ExternalInterface.addCallback("setVerifier", onRequesttokenAuthorized);
				ExternalInterface.call("OAuthBridge.callAuthorize", url);
			}
			
			// TODO: Throw errors when ExternalInterface is not available.
		}
		
		private function onRequesttokenAuthorized(response:String):void
		{
			var token:String = decodeURIComponent(response.match(/(?<=oauth_token=).*(?=&oauth_verifier)/g)[0]);
			var verifier:String = decodeURIComponent(response.match(/(?<=oauth_verifier=)\w+/g)[0]);
			
			var request:URLRequest = oauth.getURLRequest({
				ha_method: PublicMethods.auth_accesstoken,
				oauth_token: token,
				oauth_verifier: verifier
			});
			
			var loader:URLLoader = new URLLoader(request);
			loader.addEventListener(Event.COMPLETE, onAccesstokenComplete);
		}
		
		private function onAccesstokenComplete(event:Event):void
		{
			var response:XML = new XML(event.target.data);
			
			oauth.updateCredentials(new OAuthToken(
				response.oauth_token.toString(),
				response.oauth_token_secret.toString(),
				response.userid.toString(),
				response.methods.split(","),
				new Date(parseInt(response.expiredate.toString()) * 1000)
			));
		}
	}
}